• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

securitywing

Menu
  • About
  • Must Read
      • IIS Performance Boost
      • RFID Security
      • Web App Security Testing
      • How to Secure Home Network
      • Prevent Cross-Site Scripting Attacks
      • Renew Self-Signed Certificates
      • Penetration Testing Tools
      • VPN Concentrator
      • Forensic Investigation Tools
      • Digital Certificates
      • Cloud Security Issues
      • Advanced Evasion Prevention
      • Firewall Types
      • Tips to Prevent Data Exfiltration
      • Classified Info Handling
      • MySQL Security
      • Definition of 7 Types of Malware
      • VOIP Security
      • Why Antivirus Software Fails
      • 15 Network Security Vulnerabilities
      • Web App Security
      • IT Security Standards
      • Types of Virtualization
      • Android Security
      • Digital Signature
      • Advanced Malware Protection
    • Close
  • Consultancy
  • Contact

GLBP-Gateway Load Balancing Protocol Configuration

by wing

What is GLBP: Gateway Load balancing protocol is a Cisco proprietary protocol for both redundancy and load balancing in Cisco switches and routers. Although VRRP or HSRP provides a network link redundancy to router traffic in a or a number of routers in case of failure to the main active routes, but they do not allow to fully utilizing the available network resources. GLBP provides a single virtual IP address and a number of virtual MAC addresses to a GLBP group to make sure all the available networking resources are fully utilize to reduce the high traffic to a single device and at the same time it reroute traffic automatically in the event of a network device or port failure.      

GLBP Vs VRRP or HSRP: The main difference between  HSRP/VRRP and GLAB is that both HSRP and VRRP only provides network resiliency in case of active device failure, you cannot use the available resources of standby routers or switches unless the active device fails. On the other hand GLBP provides both redundancy and network traffic load balancing. The only ways HSRP/VRRP can provide load balancing is by creating multiple groups and assign each group to a number of computers to use it as a default gateway, at the cost of an increased administrative task.

GLBP at a glance

  • It was created in 2005 by Cisco Systems
  • Multiple gateways work simultaneously in order to share load and to provide automatic failover.
  • Full capacity of available resources are utilized in GLBP
  • Unlke HSRP or VRRP it does not increase any administrative burden
  • A single interface can have a maximum of 1024 group
  • It can track only objects, not any interface
  • A GLBP group can have only one AVG, a number of AVFs and AVG is responsible for load balancing among AVFs

What is AVG: AVG or active virtual gateway is selected by the GLBP members to have the role of assigning virtual MAC address to all the member of the group. When a user sends a request for a MAV resolution, the AVG sends a virtual MAC of a group member that can take the load of that user. Any member of the GLBP group that forward traffic for any users is known as AVFs or active virtual forwarder. Basically the AVFs do the load balancing job and AVF does the administrative part of a GBLP group.

Prerequisites for configuring GLBP

Before configuring GLBP you need to ensure that your router support assigning of multiple MAC address on the same physical interface. For each AVF on virtual MAC is necessary.

GLBP supported platforms

Cisco 1700 Series Routers: 1700, 2600, 2640,3660,3725,7200,7300,7500,7600 and Catalyst 6500 switches

More information about platform support can be found at: http://www.cisco.com/go/fn

GLBP configuration Process

There are mainly three processes that you can follow to fully implement GLBP in a group of routers in order to provide load sharing and redundancy to a network. The processes are:

1. Enabling GLBP

2. GLBP customization process

3. GLBP weighing and tracking

1. Enabling GLBP: this is the most basic configuration that you need to do in order to set up GLBP in a router or in a switch. To enable GLBP follow the following steps

a. Enter the interface that you want to enable for GLBP
b. setup interface IP address

C. set up GLBP group IP and the virtual IP address for the AVG

glbp configuration
GLBP Configuration

 

 

 

Example to enable GLBP in a switch

Switch interface Van 2

Switch#(config-if)#ip address 10.1.1.2 255.255.255.0

Switch#(config-if)#glbp 1 10.1.1.1   (AVG or  virtual IP  is 10.1.1.1.and group id is 1)

 

2.GLBP customization

Once you setup the basic configuration you can start its customization according to your needs. The most important customization is the setting up of GLBP weight and its upper and lower limit. The lower limit is the threshold below which an AVF will no longer forward any frame and the higher limit is set up to make a router become active in forwarding frames.

Switch#interface vlan 2

Switch#(config-if)#glbp 1 weight 110 lower 85 upper 105

Switch#(config-if)# glbp timers msec 250  msec 600 ( 250 millisecond is hello time, and 600 is the hold downtime )

Switch#(config-if)#glbp 1 authentication md5 keystring cisco123

Switch#(config-if)#glbp 1 weighting track 2 decrement 10

Switch#(config-if)#glbp 1 weighting track 3 decrement 20

 

3.Tracking set up in interfaces

Switch#(config)#track 2 interface fastethernet 0/1 line-protocol

Switch#(config)#track 3 interface fastethernet 0/2 line-protocol

Related Posts:

  • VRRP Configuration(virtual router redundancy protocol)
  • HSRP Configuration(Hot Standby Routing Protocol)

Filed Under: Network Security Tips Tagged With: gateway, glbp, hsrp, load balancing, protocol, vrrp

Primary Sidebar

CISSP Sample Test

Take a CISSP Sample Test

CISA IT governance Sample test



Twitter Follow @securitywing

Categories

  • AWS
  • containers
  • Internet Security and Safety
  • IS Audit
  • IT Security Exams
  • Network Security Tips
  • Off Track
  • Telecom
  • Tutorial

Pages

  • About
  • Best IT Security Certification Exam
  • CISA IT governance Sample test
  • CISA Sample Test
  • CISSP Sample Test Online
  • Consultancy
  • Contact

Popular Posts

  • 8 Effective Ways to Impro...
  • 3 Steps to Install Miniku...
  • Yahoo Mail Security Setti...
  • How to Setup AWS CloudFro...
  • 3 Simple Steps to Capture...
  • 5 Steps to Setup a Nexus3...
  • How to Configure AAA (TAC...
  • How to Configure SNMP in...
  • How to Install AWS CLI an...
  • How to Renew Self-Signed...

Footer

Copyrights

Protected by Copyscape Duplicate Content Detection Software

Securitywing.com reserves the copyrights of all of its published articles.No contents of this site is permitted to be published to anywhere else in the Internet.If any contents are found in any other websites, securitywing reserves the rights to file a DMCA complaint. But you have the right to use the link of any relevant article of this site to point from your website if you consider that it might improve the quality of your article.

Tags

antivirus audit AWS backup browser check cisco cloud computer cyber data database encryption firewall home hsrp ids informaiton internet intrusion it kubernetes linux load balancing malware network protection putty risk router security security tips server ssh SSL switch tools virus vpn vulnerability web webserver website windows wordpress

Copyright © 2010-2023 ·All Rights Reserved · SecurityWing.com